Complete DHS Report for January 27, 2015
Daily Report
Top Stories
· Wells
Fargo and JPMorgan Chase agreed January 22 to pay $35.7 million in penalties
and consumer compensation to resolve allegations that loan officers with the 2
banks participated in a mortgage kickback scheme with a now-defunct company. – Associated
Press
See
item 8 below in the Financial Services Sector
· A severe winter storm in
the Northeast region of the U.S. January 26 prompted the cancellation of 6,175
flights. – USA Today
9. January 26, USA Today – (National) Airlines cancel 6,175
flights ahead of monster storm. A severe winter storm in the Northeast
region of the U.S. January 26 prompted the cancellation of 6,175 flights, over
220 of which were cancelled through January 28, across dozens of airports in
the storm’s path. Source: http://www.usatoday.com/story/todayinthesky/2015/01/25/airlines-preemptively-cancel-450-flights-ahead-of-monday-storm/22320939/
· A Lewisburg, West
Virginia water treatment plant was shut down after more than 3,500 gallons of
diesel fuel spilled into the Greenbrier River January 23, prompting a water
outage impacting 12,000 county residents and businesses. – Charleston Daily
Mail
18. January 25, Charleston
Daily Mail – (West
Virginia) 12,000 without water in Greenbrier County after diesel spill. The
Lewisburg water treatment plant in West Virginia was shut down after a
semi-truck rolled over and spilled more than 3,500 gallons of diesel fuel into
a tributary of the Greenbrier River January 23, prompting a water outage
January 25 which impacted 12,000 county residents and businesses. Crews began
taking water samples and placing booms in Anthony Creek to contain the spill
and officials closed several schools in the area due to the incident. Source: http://www.charlestondailymail.com/article/20150125/DM01/150129502
· Huntsville police
arrested an AT&T contractor January 23 for allegedly stealing tens of thousands
of dollars in copper from substations within north Alabama, causing an
estimated $1 million in damage. – Huntsville Times See item 26 below in the Communications Sector
Financial Services Sector
7. January
25, WAVE 3 Louisville – (Kentucky; Indiana) More than 150 fraudulent
credit cards found during traffic stop. A Louisville driver and passenger
were arrested and charged with one count of fraud January 22 after
approximately 170 fraudulent credit cards were discovered in the suspect’s car
during an unrelated traffic stop in Seymour by Indiana State Police. Source: http://www.wave3.com/story/27934977/more-than-150-fraudulent-credit-cards-found-during-traffic-stop
8. January
22, Associated Press – (Maryland; Virginia; New York) Wells Fargo, JPMorgan settle
mortgage kickbacks probe. Wells Fargo and JPMorgan Chase agreed January 22
to pay a collective $35.7 million in penalties and consumer compensation to
resolve allegations that loan officers with the 2 banks participated in a
mortgage kickback scheme with a now-defunct company, Genuine Title, in exchange
for cash and marketing services. More than 100 former Well Fargo loan officers
in at least 18 branches located primarily in Maryland and Virginia, and at
least 6 former JPMorgan Chase loan officers in 3 separate branches in Maryland,
Virginia, and New York, were involved with the scheme. Source: http://abcnews.go.com/Business/wireStory/jpmorgan-wells-fargo-settle-mortgage-kickbacks-probe-28411620
For another story, see item 25 below in the Information Technology Sector
Information Technology Sector
23. January 24, Softpedia – (International) PHP
5.6.5 fixes flaw leading to remote code execution. The latest version of
hypertext preprocessor (PHP) version 5.6.5 closes several security
vulnerabilities including a flaw identified as CVE-2014-9427 that could be
exploited by an attacker to execute code remotely on an affected machine if
certain conditions are met. Source: http://news.softpedia.com/news/PHP-5-6-5-Fixes-Flaw-Leading-to-Remote-Code-Execution-471101.shtml
24. January 23, Softpedia – (International) Google
Apps admin panel falls for XSS, issue researcher gets $5,000. Google
awarded a Blizzard Entertainment researcher for discovering a cross-site
scripting (XSS) vulnerability that relied on a JavaScript code to be executed
in the Google Apps administration console, which would grant an attacker full
control of the Google account. Source: http://news.softpedia.com/news/Google-Apps-Admin-Panel-Falls-for-XSS-Issue-Researcher-Gets-5-000-471056.shtml
25. January 22, Softpedia – (International) Mobile
banking apps are risky business for Android users. A RiskIQ report found
that more than 40,000 of about 350,000 mobile apps used for financial
transactions should be considered suspicious with many of them containing
malware and adware. Source: http://news.softpedia.com/news/Mobile-Banking-Are-Risky-Business-for-Android-Users-470918.shtml
Communications Sector
26. January 23, Huntsville
Times – (Alabama) AT&T contractor accused of stealing more
than $1 million in copper faces charges in Huntsville, Birmingham. Huntsville
police arrested a worker January 23 from a contracting company that serviced
AT&T in connection to allegedly using his position to steal tens of
thousands of dollars in copper from substations within north Alabama, causing
an estimated $1 million in damage. Source: http://www.al.com/news/index.ssf/2015/01/att_contractor_accused_of_stea.html